How to Use Cloudflare DNS on Mac OS for Speed & Privacy

CloudFlare now has a consumer DNS service that is very fast and also centered around privacy. CloudFlare DNS says they won’t log IP addresses or sell your data, which in the modern era is perhaps more important than ever for users who value the vague concept of internet privacy.

This article will show you how to setup and use CloudFlare DNS on a Mac.

For some quick background, DNS is what links an IP address to an easy to read domain name, and it’s sort of like an internet directory service. The faster the DNS requests are, the faster your general internet performance will be because there is less time spent performing lookups to associate an IP address to a domain name. No, it won’t increase the actual transfer speeds, but using faster DNS may increase the response time of accessing various internet services and websites. But as mentioned above, it’s not just speed that makes Cloudflare DNS enticing, it’s the privacy-centric nature of the service, if you’re interested in learning more you can read more here from Cloudflare.

How to Setup Cloudflare DNS on Mac OS

If you’re already familiar with changing DNS servers on Mac OS then this process should be familiar to you, the main difference then is the addition of the Cloudflare DNS IP of 1.1.1.1 and 1.0.0.1. Here are the full steps:

Go to the  Apple menu and then select “System Preferences”

Choose the “Network” control panel

Select “Wi-Fi” from the sidebar and then click on the “Advanced” button

Choose the “DNS” tab

Now click the “+” plus button to add a new DNS server, and enter: 1.1.1.1

Click the “+” plus button again and add another new DNS server: 1.0.0.1

If other DNS entries exist, click and drag the “1.1.1.1” and “1.0.0.1” entries above them in the list, or for maximum privacy and to rely entirely on Cloudflare DNS, delete the other DNS entries (it is recommended to make a note of any pre-configured DNS IP addresses just in case)

You should not need to quit and relaunch any networking apps for the change to take effect, but to be thorough you may want to anyway. Or you can reboot your computer.

Likewise it shouldn’t be necessary to flush DNS caches but you’re welcome to clear DNS cache anyway, you can learn how to reset DNS cache in MacOS High Sierra, Sierra, El Capitan, and other Mac OS X versions if need be.

If you have multiple Macs and decide you want to use CloudFlare DNS on all of them, you’ll want to repeat the same DNS configuring setup process on each of them, and you could also change DNS servers on iPhone or iPad if you want to set those to use the service as well.

How do I know if Cloudflare DNS is faster for me?

This is a great question, since every user and every ISP will likely have different performance for different DNS providers. Fortunately there are multiple ways to check DNS performance:

Use a DNS comparison test, like DNSPerfTest (discussed below) or NameBench

If you want to run a DNS comparison speed test yourself from your own Mac, and you’re savvy with the command line, you can save this bash script as dnstest.sh (via cleanbrowsing) to your local directory, and then run the following command:

bash ./dnstest.sh |sort -k 22 -n

In each of my own personal tests, Cloudflare DNS was the fastest, but individual results may vary per location, ISP, and other variables.

If this interests you then try it out yourself and see if it’s faster for you, but even if it’s not, some people may opt to use CloudFlare DNS for the purported privacy benefit. That’s a personal decision, so whether you want to use CloudFlare DNS, your ISP provided DNS, or any other DNS, that’s your call!

I think I just answered my own question after clicking submit. I guess that is the case when I am on my home network, but beyond that, I guess I would be submitting to whatever DNS the network if I don’t change it on the individual devices. Is that correct?

Yes, you can change the router DNS and that will assign throughout your network if you use auto DHCP from the router to assign IP information. But every router config is different, many people don’t know their router login information, etc…

If you can override the DNS severs in your router and it uses DHCP to give addresses to all your machines and devices, that should be fine.

You can also geek out if you’re tech savvy. Run a local DNS resolver on a mac that gets addresses from Cloudflare (which can be cached) and share by pointing all of your other devices to the mac.

The best alternative is to mod a router with OpenWrt or Tomato and run a DNS resolver on it. Something like dnsmasq works well. You can also block thousands of ad sites and trackers with it.

For even better security, you can encrypt your DNS lookups so that your ISP doesn’t get a history of the sites you visit. It appears Cloudflare supports a couple of encryption options. Then it’s down to whether you trust Cloudflare or your ISP with that info.

If you want to go full on, setup a Virtual Private Server (VPS) for about $5/mo on DigitalOcean or Linode or another service. It’s a lot of work, but you can set up a VPN, a DNS resolver that blocks ads/trackers and encrypt all of your DNS queries. There’s some VPN/cipher packages out there even the Chinese govt. haven’t cracked yet. You also get to trust your VPN service, because you are running it yourself. Unfortunately it is not trivial to set this up.

Nothing is ever 100% secure, but running your own VPS will keep out most of the bottom feeding weasel Ad companies, data trackers and ISPs.

p.s. it’s also trivial to block the over 188,000 IP addresses that FaceF*ck have registered.

Yes! I wondered this too. Usually with wi-fi router you go to “192.168.0.1” or “192.168.1.1” or similar in your web browser, but with Airport Extreme, the configuration is through a utility and not a web browser.

How to change DNS Settings on Apple AirPort Extreme:

– Open the “AirPort Utility application” (found in /Applications/Utilities)

– Click the AirPort Extreme icon to show the status section

– Click ‘Edit’ to view the Settings window

– Click the “Internet” tab

– Enter the DNS servers 1.1.1.1 in the Primary DNS Server and 1.0.0.1 in the Secondary DNS Server fields (you can also use Google DNS if you’d rather do that, 8.8.8.8)

– Click ‘Update’ for change to take effect, it will disconnect and reconnect your router connections from all devices to AirPort Exstreme

This website and third-party tools use cookies for functional, analytical, and advertising purposes. By continuing to browse the site, closing this banner, scrolling this webpage, or clicking a link, you agree to these cookies. You can review our privacy policy for additional information.I AcceptPrivacy Policy